Hi Lorne,

I haven’t used the cPanel interface myself, but if you are able to add to your 
webserver configuration (httpd.conf), you can add a statement like the 
following:

SecRule REQUEST_HEADERS:User-Agent "(semrush|majestic|slurp)" \
    "id:123456,phase:1,t:none,t:lowercase,block,tag:BOT,msg:'Bad bot blocked'"

This will block any requests from someone with semrush, majestic or slurp in 
the User-Agent header. (The rule id must be unique, I’ve used 123456 as an 
example.)

If you would prefer doing this from cPanel itself, it’s probably best to ask 
this on the cPanel forums.

Good luck!
WH

> On 12 Mar 2016, at 16:21, Lorne Wanamaker <feld...@gmail.com> wrote:
> 
> Hi All,
> 
> Having some issues with the bots listed above hammering sites on my cpanel 
> server. Here is a sample:
> 
> 2016-03-11 18:35:12.670 [INFO] [162.158.35.73:19363 
> <http://162.158.35.73:19363/>] File not found 
> [/usr/local/apache/htdocs/show/dance-moms]
> 
> There are 1000's of these a day simply searching for stuff that does not 
> exist.
> 
> I do have oswap running on this server but I cannot find the way to block 
> these bots. In the plugin I see you can add blocked agents, but I am not sure 
> on the format to add to this box or if it is indeed the right place to add to 
> in order to block these bots.
> 
> Thanks for any help!
> 
> Regards,
> Lorne
> _______________________________________________
> Owasp-modsecurity-core-rule-set mailing list
> Owasp-modsecurity-core-rule-set@lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set

_______________________________________________
Owasp-modsecurity-core-rule-set mailing list
Owasp-modsecurity-core-rule-set@lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set

Reply via email to